Learn how to install and run the Cowrie SSH/telnet honeypot.
- I've made a clone of my Ubuntu system…and run APT-getupdate and APT-getupgrade…to get it up to date.…Installing Cary is fairly straight forward,…although there are some dependency issues…that you might encounter.…We'll start by installing the main library dependencies.…Okay, we're now ready to go.…If the start script complains of missing dependencies…in your Ubuntu configuration,…then find the libraries and install them.…
Okay, we've started.…I'll go into Cary system and see what I can see.…Just before I do that, I'll check my IP address.…Right, we're on 10.0.2.19.…Let's m map the server.…Okay, we can see port 22 is open,…and somewhat incriminating port 8022.…Let's try to log into port 22.…I'll guess the password, and we get in.…
In fact, Cary allows any password…other than those explicitly excluded…in its data/userdb.txt file.…By default, route, and 123456 are excluded.…Anything else is allowed.…You can configure this to be as open,…or as restrictive as you like.…Let's snoop around.…Back in the Ubuntu system, we can go into the log folder…
Released
2/15/2017Note: Learning about ethical hacking for perimeter defenses is part of the Evading IDS, Firewalls, and Honeypots competency from the Certified Ethical Hacker (CEH) body of knowledge.
- Understanding firewalls
- Applying the basics of the Windows Firewall
- Using advanced features in the Windows Firewall
- Reviewing firewall logs
- Understanding Linux iptables
- Setting up an iptables firewall
- Managing rules with Firewall Builder
- Setting up a Cisco PIX firewall
- Creating a secure enclave
- Installing GNS3
- Understanding web application firewalls
- Protecting API services with the WSO2 gateway
- Running the Cowrie honeypot
- Detecting intrusions with Security Onion
Share this video
Embed this video
Video: Running the Cowrie honeypot